About

OpenXT is a development platform for the security and virtualization communities, a toolkit for hardware-assisted separation of operating systems and user workflows for tailored solutions.

Released as open-source software in 2014, OpenXT was derived from Citrix XenClient XT, released in 2011. XenClient XT was an early commercial adopter of Intel TXT and Secure Virtual Platform (SVP) concepts from the Trusted Systems Research group of the U.S. National Security Agency.

Upstream Open-Source

• Linux: operating system kernel and device drivers
• OpenEmbedded: cross-compilation and build integrity
• QEMU: device emulation
• SELinux: mandatory access control
• TPM2/TSS2: based on Trusted Computing Group (TCG)
• TrenchBoot: measured launch integrity framework
• Xen: flexible, multi-vendor, bare-metal hypervisor

Tailored Solutions

• Architecture Technology Corp., Freeboard CSfC-certifiable mobility for Android (COTS)
• U.S. Air Force Research Laboratory (AFRL) SecureView (GOTS)
• U.S. DoD organization, CSfC-certifiable mobility for Windows (GOTS)

Industry Guidelines

• (2018) Intel PCI Express Device Security Enhancements
• (2018) NIST SP 800-193 Platform Firmware Resiliency
• (2016) NIAP Protection Profiles for Virtualization:   Base · Client · Server
• (2012) Intel Open Platforms, Security Practices
• (2011) TCG Virtualized Trusted Platform Architecture
• (2009) DMTF Virtualization Management